
Banks Inch Ahead in War with Hackers

Banks are starting to do a better job of repelling attacks against their websites, even as the size and duration of those attacks are growing. In January, as attackers hammered bank sites with distributed denial of service attacks, the availability rate of websites at U.S. financial institutions actually rose to 97.21% from 94.86% during the fall, when the first phase of attacks was in full force, according to a report from BankInfoSecurity.com.

Still, it’s too early to break out the champagne. The size and duration of the so-called DDoS attacks are increasing against banks and companies in other industries. Those attacks attempt to disrupt customer service by directing large amounts of Web traffic at a website until it slows down or collapses. Banks mitigated the attacks by turning to protection services from Prolexic Technologies, Akamai Technologies Inc. and others, said Avivah Litan, vice president and distinguished analyst at Gartner Research. For example, when a bank discovers an attack, it routes in-bound traffic to a Prolexic “scrubbing center” where it is filtered and cleaned using specialized hardware and advanced routing and then directed back to the bank.

Banks have also increased the bandwidth of their connections to the Internet and have diverted security employees from other efforts to deal with the attacks. Still, Ms. Litan noted that these measures are not a “permanent fix” and bank attackers are likely to adapt with larger attacks as they have in the past.

“We’re seeing attacks exceeding 80 gigabits per second,” said Stuart Scholly, president of Prolexic. That’s four times the average attack size the company saw in the third quarter of 2012. The average duration of the attacks has also increased to 32.2 hours during the fourth quarter from 19.2 hours during the third quarter.

This increased capacity appears to have come from the ability of hackers to virtually co-opt networks of computers in data centers, reported The New York Times. The U.S. government has said the sophistication of the bank attacks indicates the work of hackers backed by Iran. Still, the U.S. has not produced technical evidence that the Iranians have initiated the attacks. Attribution of cyber attacks is notoriously difficult. To complicate matters, it appears that third-party criminal organizations are trying to ride the coattails of attacks by posing as a Middle Eastern hacktivist group.
